Articles : Page 1 of 1
-
Wishful Thinking: Why can't HTML fix Script Attacks at the Source?
Apr 1215The Web can be an evil place, especially if you're a Web Developer blissfully unaware of Cross Site Script Attacks (XSS). Even if you are aware of XSS in all of its insidious forms, it's extremely complex to deal with all the issues if you're taking user input and you're actually allowing users to post raw HTML into an application. I'm dealing with this again today in a Web application where legacy data contains raw HTML that has to be displayed and users ask for the ability to use raw HTML as...
-
Rebuilding CoasterBuzz, Part I: Evolution, and death to WCF
Feb 1229This is a repost from my personal blog... Last weekend, I showed a very early behind-the-scenes preview of what will eventually be the next version of CoasterBuzz (the fifth major revision in 12 years) to some folks that participated in the PointBuzz off-season tour at Cedar Point. It's very early in the process, but I thought it would be fun to talk about some of the things that have changed over the years. This series of posts probably won't mean much to non-code-monkeys, but it's fun for...
-
Bin Deploying ASP.NET MVC 3
May 1126When you build an ASP.NET MVC 3 application and are ready to deploy it to your hosting provider, there are a set of assemblies you’ll need to include with your application for it to run properly, unless they are already installed in the Global Assembly Cache (GAC) on the server. In previous versions of ASP.NET MVC, this set of assemblies was rather small. In fact, it was only one assembly, System.Web.Mvc.dll, though in the case of ASP.NET MVC 1.0, if you didn’t have SP1 of .NET 3.5 installed...
-
Redirecting Routes To Maintain Persistent URLs
Feb 1103Over a decade ago, Tim Berners-Lee, creator of the World Wide Web instructed the world know that cool URIs don’t change with what appears to be a poem, but it doesn’t rhyme and it’s not haiku. What makes a cool URI? A cool URI is one which does not change. What sorts of URI change? URIs don't change: people change them. In a related article, URL as UI, usability expert Jakob Nielsen lists the following criteria for a usable site: a domain name that is easy to remember and easy to spell...
-
IntelliSense for Razor Hosting in non-Web Applications
Jan 1112When I posted my Razor Hosting article a couple of weeks ago I got a number of questions on how to get IntelliSense to work inside of Visual Studio while editing your templates. The answer to this question is mainly dependent on how Visual Studio recognizes assemblies, so a little background is required. If you open a template just on its own as a standalone file by clicking on it say in Explorer, Visual Studio will open up with the template in the editor, but you won’t get any IntelliSense...
-
Integrating ASP.NET MVC 3 into existing upgraded ASP.NET 4 Web Forms applications
Jan 1106I got an interesting question recently from a gentleman who has an existing ASP.NET WebForms 2.0 application that works just fine. He's upgraded it to ASP.NET 4 and it still works great, but now he wants to add some ASP.NET MVC pages to it. He doesn't want to rewrite the application. A few years ago I did a post on Hybrid ASP.NET applications. The goal was to reinforce the point that you can have ASP.NET applications that are both WebForms and MVC (as well as WCF and ASMX Web Services and o...
-
Hosting the Razor Engine for Templating in Non-Web Applications
Dec 1028Microsoft’s new Razor HTML Rendering Engine that is currently shipping with ASP.NET MVC previews can be used outside of ASP.NET. Razor is an alternative view engine that can be used instead of the ASP.NET Page engine that currently works with ASP.NET WebForms and MVC. It provides a simpler and more readable markup syntax and is much more light weight in terms of functionality than the full blown WebForms Page engine, focusing only on features that are more along the lines of a pure view engine...
-
BIN Deploying ASP.NET MVC 3 with Razor to a Windows Server without MVC installed
Nov 1024If someone says just bin Deploy it they mean deploy the application with the dependencies copied into the application's /bin folder, rather than running an MSI that installs the dependencies into the Global Assembly Cache (GAC). You may not have administrative control over your Web Server and your host may not want you running installers when new stuff like ASP.NET MVC 3 and Razor comes out. You'll want to bin deploy these new technologies. Here's two ways. The simple way and The Awesome...
-
A Sordid Little Tale Of Unexpected Security Exceptions
Nov 1005It was a dark and stormy coding session; the rain fell in torrents as my eyes were locked to two LCD screens in a furious display of coding … …sorry sorry, I just can’t continue. It’s all a lie. This actually a cautionary tale describing one subtle way that you can run afoul Code Access Security (CAS) when attempting to run an application in partial trust. But who wants to read about that? Right? Right? Well this isn’t a sordid tale, but if you bear with me, you may just find it intere...
- 1
